[Snort-users] Snort Reporting and Capture
xeon at ...8041...
Thu Jan 23 00:11:04 EST 2003
I'm new to snort and would like to get your valuable feedback on some of
the utilities that are out there that can help me manage and view snort
results as they are captured.
What I'm really looking for first of all is a utility that can capture
the alerts and warnings, displaying them either through a web interface
and or it's own UI. I would also like to know of any utilities out may
be out there that help with snort configuration, such as changes you
would like to add or help with adding new rules etc., that may be available.
Here is a brief description of my setup and would appreciate any
feedback you all could provide that may be best for my particular case.
I'm running a single FreeBSD machine with multiple IP's (total of five).
From this machine I run a webserver and also IRC related
programs/processes. This machine acts as it's own Gateway and firewall
and would like to add snort to monitor all the traffic to and from this
What would you recommend as the best setup with this type of layout that
would provide an easy way to constantly monitor the traffic as stated above?
Any and all feedback is welcome.
Thanks for your time in advance,
More information about the Snort-users